In recent years, data communication through networks such as Internet is widely used and a great deal of image data, music data and so on is widely distributed through networks.
In many contents such as music data and image data, copyrights, distribution rights and so on are possessed by creators or sellers. Therefore, for example, when a service provider provides a user with a content from a server through a network, it is common to perform control so as to allow only users having a legitimate use right to use the content.
Specifically, for example, the control is performed so that the content is transmitted as an encrypted content which can be decrypted only by an encryption key provided to a user who has performed legitimate purchase processing of the content. However, even when the above control is performed, unauthorized use of the content by an unspecified number of users occurs in the case where, for example, the content decrypted by the user who has acquired the encrypted content or the encryption key is illegally distributed or published. Particularly in recent years, there are many cases that data is illegally published or distributed and how to prevent such unauthorized use is a big problem.
A specific example of illegal distribution of an encrypted key and a content will be explained with reference to a drawing.
FIG. 1 is a view showing an example of illegal publication of the encryption key. A content providing server 10 provides an encrypted content 11 encrypted by applying an encryption key 12 to a client A 21 and a client B 22 who have executed a legitimate content purchase procedure with the encryption key 12.
These client A 21 and the client B 22 can execute content reproduction by performing decryption of the encrypted content 11 applying the encryption key 12.
However, assume that the client B 22 publishes the encryption key 12, for example, in a website on a network to which anyone can access.
When the above processing of publishing the key is conducted, the published encryption key 31 can be acquired by an unspecified number of users.
As a result, the published encryption key 31 can be acquired through a network, for example, by an unauthorized user 23 who has not performed the legitimate content purchase processing, and further, a copy 32 of the encrypted content can be acquired from another client and so on, therefore, the unauthorized user 23 can decrypt the copy 32 of the encrypted content by applying the published encryption key 31 and perform reproduction of the content.
If such situation occurs, the unauthorized use of contents will be widespread.
In the example shown in FIG. 1, the same encryption key is provided to all clients, therefore, when one illegal user leaks the key, all contents provided to other clients can be decrypted by the illegal key. Additionally, it is difficult to specify the client who has illegally published the key.
As a method of solving the problem, a configuration in which an encrypted content to be provided to respective clients is encrypted by different encryption keys will be effective.
That is, as shown in FIG. 2, the content providing server 10 provides an encrypted content encrypted by applying an encryption key A 14 to a client A 24 with the encryption key A 14.
The content providing server 10 provides an encrypted content encrypted by applying an encryption key B 15 to a client B 25 with the encryption key B 15.
The content providing server 10 provides an encrypted content encrypted by applying an encryption key C 16 to a client C 16 with the encryption key C 16.
As the above setting is applied, if by some chance any of the encryption keys is leaked, the content which can be decrypted by the leaked key is limited to one encrypted content encrypted by the leaked key, and it is possible to specify a leakage source, namely, an illegal client who has published the encryption key.
However, it is necessary that the content providing server 10 generates encrypted contents different according to each client in order to change the encryption key in each client, which causes the problem of increasing a processing load on the server's side.
The examples explained with reference to FIG. 1 and FIG. 2 are examples in cases where illegal publication and leakage of the encryption key applied for encryption/decryption processing of the content are conducted, however, not only the encryption key but also the decrypted content can be a target for illegal publication or leakage.
FIG. 3 shows an example of illegal publication of the decrypted content.
The content providing server 10 provides the encrypted content 11 encrypted by applying the encryption key 12 to a client 28. The providing processing is executed as legitimate content purchase processing.
However, when the client 28 decrypts the encrypted content 11 by applying the encryption key 12 and illegally publishes the decrypted content 11, an illegally-published content 33 can be used by an unspecified number of users including an unauthorized user 29 shown in FIG. 3.
When the decrypted content is published as described above, unauthorized use of the decrypted content will be widespread and it is difficult to specify the client who has illegally published the encrypted content even when the encryption key is changed in each client.